Merge pull request #37 from netlify/support-insecure-tls

support envconfig and insecure
netlify · Sep 28, 2017 · 0445a47 · 0445a47
2 parents 438f166 + d02f6eb
commit 0445a47
Showing 1 changed file with 17 additions and 7 deletions.
diff --git a/tls/tls.go b/tls/tls.go
@@ -8,25 +8,35 @@ import (
 )
 
 type Config struct {
-	CAFiles  []string `mapstructure:"ca_files"`
-	KeyFile  string   `mapstructure:"key_file"`
-	CertFile string   `mapstructure:"cert_file"`
+	CAFiles  []string `mapstructure:"ca_files" envconfig:"ca_files"`
+	KeyFile  string   `mapstructure:"key_file" split_words:"true"`
+	CertFile string   `mapstructure:"cert_file" split_words:"true"`
 
 	Cert string `mapstructure:"cert"`
 	Key  string `mapstructure:"key"`
 	CA   string `mapstructure:"ca"`
+
+	Insecure bool `default:"false"`
 }
 
 func (cfg Config) TLSConfig() (*tls.Config, error) {
+	var tlsconf *tls.Config
+	var err error
 	if cfg.Cert != "" && cfg.Key != "" {
-		return LoadFromValues(cfg.Cert, cfg.Key, cfg.CA)
+		tlsconf, err = LoadFromValues(cfg.Cert, cfg.Key, cfg.CA)
+	} else if cfg.CertFile != "" && cfg.KeyFile != "" {
+		tlsconf, err = LoadFromFiles(cfg.CertFile, cfg.KeyFile, cfg.CAFiles)
+	}
+
+	if err != nil {
+		return nil, err
 	}
 
-	if cfg.CertFile != "" && cfg.KeyFile != "" {
-		return LoadFromFiles(cfg.CertFile, cfg.KeyFile, cfg.CAFiles)
+	if tlsconf != nil {
+		tlsconf.InsecureSkipVerify = cfg.Insecure
 	}
 
-	return nil, nil
+	return tlsconf, nil
 }
 
 func LoadFromValues(certPEM, keyPEM, ca string) (*tls.Config, error) {